Mededeling

Collapse
No announcement yet.

Nieuwe tabs geopend en reclame

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • Nieuwe tabs geopend en reclame

    Hallo,

    Graag wil ik iemand vragen om mij te helpen. Op de nieuwe pc van mn broertje krijgen we allemaal rare reclame tabs te zien zodra hij de browser opent. Ik zie dan tabs van MacAfee en andere reclame beoordelingssite's.
    Graag willen wij hiervan af. Kan iemand ons helpen?

    Ook doet het snel zoeken zoekveld van google het niet bij firefox. Heeft dit eveneens te maken met een virus?
    Bovendien gaat de pc vaak zomaar dicht en dan krijgen we een blauwe scherm te zien van oeps er is iets misgegaan.....

    Alvast bedankt!

    Nero

    MBAM logje:
    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 13-12-2014
    Scan Time: 16:24:51
    Logfile: FILEEE.txt
    Administrator: No

    Version: 2.00.4.1028
    Malware Database: v2014.12.13.04
    Rootkit Database: v2014.12.08.03
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 8.1
    CPU: x64
    File System: NTFS
    User: Mensur & Adna

    Scan Type: Custom Scan
    Result: Completed
    Objects Scanned: 418046
    Time Elapsed: 32 min, 3 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)

    AdwCleaner:
    # AdwCleaner v4.105 - Rapport aangemaakt 13/12/2014 op 19:15:38
    # Laatste Update 08/12/2014 door Xplode
    # Database : 2014-12-13.4 [Live]
    # Besturingssysteem : Windows 8.1 (64 bits)
    # Gebruikersnaam : E - MBELMA
    # Gestart vanuit : C:\Users\Mensur & Adna\Downloads\adwcleaner_4.105.exe
    # Optie : Verwijderen

    ***** [ Services ] *****

    Service Verwijderd : vToolbarUpdater18.1.9

    ***** [ Bestanden / Mappen ] *****

    Map Verwijderd : C:\ProgramData\AVG SafeGuard toolbar
    Map Verwijderd : C:\ProgramData\AVG Secure Search
    Map Verwijderd : C:\Program Files (x86)\AVG SafeGuard toolbar
    Map Verwijderd : C:\Program Files (x86)\Common Files\AVG Secure Search
    Map Verwijderd : C:\Program Files\AVG SafeGuard toolbar
    Map Verwijderd : C:\UsErs\E\AppData\LocalLow\AVG SafeGuard toolbar
    Bestand Verwijderd : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml

    ***** [ Taken ] *****


    ***** [ Snelkoppelingen ] *****


    ***** [ Register ] *****

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\S
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
    Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
    Sleutel Verwijderd : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Waarde Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
    Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Sleutel Verwijderd : HKCU\Software\AVG SafeGuard toolbar
    Sleutel Verwijderd : HKLM\SOFTWARE\AVG SafeGuard toolbar
    Sleutel Verwijderd : HKLM\SOFTWARE\AVG Security Toolbar

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17126


    -\\ Mozilla Firefox v33.1 (x86 nl)


    *************************

    AdwCleaner[R0].txt - [4979 octets] - [13/12/2014 19:14:01]
    AdwCleaner[S0].txt - [4907 octets] - [13/12/2014 19:15:38]

    ########## EOF - \AdwCleaner\AdwCleaner[S0].txt - [4967 octets] ##########

    E-Peek:
    E-Peek v 1.9.9.0 © Emphyrio/Onsia Patrick 2013-2014
    E Dev
    Run at za 13 dec 2014 19:27
    .
    Windows 8.1 (64 bits)
    C:\windows [NTFS - Fixed]
    Default Browser: Internet Explorer
    Boot mode: Normal boot
    User logged in: E
    .
    Java x86: n/a
    Java x64: n/a
    .
    AV : Windows Defender [Updated - Not Running]
    AV : avast! Antivirus [Updated - Not Running]
    AS : Windows Defender [Updated - Not Running]
    AS : avast! Antivirus [Updated - Not Running]
    FW : FW : avast! Antivirus [Updated - Not Running]

    .
    ==================== Files and Folders history =================================

    Folders Created Last 7 days :

    13-12-2014 ##### r-h-s-d+a- C:\Users\E\AppData\Roaming\E Dev
    13-12-2014 ##### r-h-s-d+a- C:\Program Files (x86)\Microsoft Synchronization Services
    13-12-2014 ##### r-h-s-d+a- C:\Program Files (x86)\E Dev
    13-12-2014 ##### r-h-s-d+a- C:\AdwCleaner

    Files Modified Last 7 days :

    13-12-2014 03409780 r-h-s-d-a+ C:\windows\system32\PerfStringBackup.INI
    13-12-2014 00806500 r-h-s-d-a+ C:\windows\system32\perfh013.dat
    13-12-2014 00789596 r-h-s-d-a+ C:\windows\system32\prfh0816.dat
    13-12-2014 00723316 r-h-s-d-a+ C:\windows\system32\perfh009.dat
    13-12-2014 00542632 r-h-s-d-a+ C:\windows\system32\perfh008.dat
    13-12-2014 00164166 r-h-s-d-a+ C:\windows\system32\prfc0816.dat
    13-12-2014 00162500 r-h-s-d-a+ C:\windows\system32\perfc013.dat
    13-12-2014 00135930 r-h-s-d-a+ C:\windows\system32\perfc009.dat
    13-12-2014 00089196 r-h-s-d-a+ C:\windows\system32\perfc008.dat
    13-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-13-18-17-15.076-AvastVBoxSVC.exe-2924.log
    13-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-13-15-17-37.080-AvastVBoxSVC.exe-3284.log
    11-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-11-18-31-52.037-AvastVBoxSVC.exe-3296.log
    10-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-10-20-55-54.070-AvastVBoxSVC.exe-3320.log
    10-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-10-18-34-52.056-AvastVBoxSVC.exe-2772.log
    09-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-09-19-12-22.098-AvastVBoxSVC.exe-3088.log
    09-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-09-18-23-59.056-AvastVBoxSVC.exe-3148.log
    08-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-08-19-08-02.017-AvastVBoxSVC.exe-3288.log
    08-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-08-18-08-03.041-AvastVBoxSVC.exe-3228.log
    08-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-08-15-40-42.079-AvastVBoxSVC.exe-3480.log
    07-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-07-18-47-58.085-AvastVBoxSVC.exe-3332.log
    07-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-07-18-16-46.051-AvastVBoxSVC.exe-3288.log
    07-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-07-15-01-15.053-AvastVBoxSVC.exe-3308.log
    07-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-07-14-58-37.056-AvastVBoxSVC.exe-4952.log
    07-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-07-12-14-52.064-AvastVBoxSVC.exe-3264.log
    06-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-06-21-05-50.000-AvastVBoxSVC.exe-3360.log

    Files Created Last 7 days :

    13-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-13-18-17-15.076-AvastVBoxSVC.exe-2924.log
    13-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-13-15-17-37.080-AvastVBoxSVC.exe-3284.log
    11-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-11-18-31-52.037-AvastVBoxSVC.exe-3296.log
    10-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-10-20-55-54.070-AvastVBoxSVC.exe-3320.log
    10-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-10-18-34-52.056-AvastVBoxSVC.exe-2772.log
    09-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-09-19-12-22.098-AvastVBoxSVC.exe-3088.log
    09-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-09-18-23-59.056-AvastVBoxSVC.exe-3148.log
    08-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-08-19-08-02.017-AvastVBoxSVC.exe-3288.log
    08-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-08-18-08-03.041-AvastVBoxSVC.exe-3228.log
    08-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-08-15-40-42.079-AvastVBoxSVC.exe-3480.log
    07-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-07-18-47-58.085-AvastVBoxSVC.exe-3332.log
    07-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-07-18-16-46.051-AvastVBoxSVC.exe-3288.log
    07-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-07-15-01-15.053-AvastVBoxSVC.exe-3308.log
    07-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-07-14-58-37.056-AvastVBoxSVC.exe-4952.log
    07-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-07-12-14-52.064-AvastVBoxSVC.exe-3264.log
    06-12-2014 00000197 r-h-s-d-a+ C:\windows\system32\2014-12-06-21-05-50.000-AvastVBoxSVC.exe-3360.log

    ==================== RUNNING PROCESSES =========================================

    [afwServ] -SYSTEM- C:\Program Files\AVAST Software\Avast\afwServ.exe - (AVAST Software)
    [audiodg] -LOCAL SERVICE- C:\Windows\System32\audiodg.exe - (audiodg.exe)
    [AvastSvc] -SYSTEM- C:\Program Files\AVAST Software\Avast\AvastSvc.exe - (AVAST Software)
    [avastui] -Mensur & Adna- C:\Program Files\AVAST Software\Avast\avastui.exe - (AVAST Software)
    [AvastVBoxSVC] -SYSTEM- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe - (Avast Software)
    [CLMLSvc_P2G8] -Mensur & Adna- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe - (CyberLink)
    [csrss] -SYSTEM- C:\Windows\System32\csrss.exe - (csrss.exe)
    [csrss] -SYSTEM- C:\Windows\System32\csrss.exe - (csrss.exe)
    [dllhost] -SYSTEM- C:\windows\system32\DllHost.exe - (Microsoft Corporation)
    [dwm] -DWM-1- C:\windows\system32\dwm.exe - (Microsoft Corporation)
    [E-Peek 1.9.9.0] -E- C:\Program Files (x86)\E Dev\E-Peek\E-Peek 1.9.9.0.exe - (E Dev)
    [explorer] -Mensur & Adna- C:\windows\Explorer.EXE - (Microsoft Corporation)
    [HeciServer] -SYSTEM- C:\Program Files\Intel\iCLS Client\HeciServer.exe - (Intel(R) Corporation)
    [IAStorDataMgrSvc] -SYSTEM- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe - (Intel Corporation)
    [IAStorIcon] -Mensur & Adna- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe - (Intel Corporation)
    [IntelMeFWService] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe - (Intel Corporation)
    [jhi_service] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe - (Intel Corporation)
    [livecomm] -Mensur & Adna- C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.ex e - (Microsoft Corporation)
    [LMS] -SYSTEM- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe - (Intel Corporation)
    [lsass] -SYSTEM- C:\windows\system32\lsass.exe - (Microsoft Corporation)
    [mbamscheduler] -SYSTEM- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe - (Malwarebytes Corporation)
    [msiexec] -SYSTEM- C:\windows\system32\msiexec.exe - (Microsoft Corporation)
    [ngservice] -SYSTEM- C:\Program Files\AVAST Software\Avast\ng\ngservice.exe - (AVAST Software)
    [NvBackend] -Mensur & Adna- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe - (NVIDIA Corporation)
    [nvtray] -Mensur & Adna- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - (NVIDIA Corporation)
    [nvvsvc] -SYSTEM- C:\windows\system32\nvvsvc.exe - (NVIDIA Corporation)
    [nvvsvc] -SYSTEM- C:\Windows\system32\nvvsvc.exe - (NVIDIA Corporation)
    [nvxdsync] -SYSTEM- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe - (NVIDIA Corporation)
    [PDVD12Serv] -Mensur & Adna- C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe - (CyberLink Corp.)
    [RAVCpl64] -Mensur & Adna- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - (Realtek Semiconductor)
    [RichVideo64] -SYSTEM- C:\Program Files\CyberLink\Shared files\RichVideo64.exe - ()
    [RuntimeBroker] -Mensur & Adna- C:\Windows\System32\RuntimeBroker.exe - (Microsoft Corporation)
    [SearchFilterHost] -SYSTEM- C:\windows\system32\SearchFilterHost.exe - (Microsoft Corporation)
    [SearchIndexer] -SYSTEM- C:\windows\system32\SearchIndexer.exe - (Microsoft Corporation)
    [SearchProtocolHost] -SYSTEM- C:\windows\system32\SearchProtocolHost.exe - (Microsoft Corporation)
    [services] -SYSTEM- C:\Windows\System32\services.exe - (services.exe)
    [smss] -SYSTEM- C:\Windows\System32\smss.exe - (smss.exe)
    [spoolsv] -SYSTEM- C:\windows\System32\spoolsv.exe - (Microsoft Corporation)
    [System] -N/A- - (System)
    [taskhostex] -Mensur & Adna- C:\windows\system32\taskhostex.exe - (Microsoft Corporation)
    [TiWorker] -SYSTEM- C:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17129_none_fa6387b99b0c7738\TiWorker.exe - (Microsoft Corporation)
    [TrustedInstaller] -SYSTEM- C:\windows\servicing\TrustedInstaller.exe - (Microsoft Corporation)
    [unsecapp] -Mensur & Adna- C:\windows\system32\wbem\unsecapp.exe - (Microsoft Corporation)
    [VSSVC] -SYSTEM- C:\windows\system32\vssvc.exe - (Microsoft Corporation)
    [wininit] -SYSTEM- C:\windows\system32\wininit.exe - (Microsoft Corporation)
    [winlogon] -SYSTEM- C:\windows\system32\winlogon.exe - (Microsoft Corporation)
    [WmiPrvSE] -NETWORK SERVICE- C:\windows\system32\wbem\wmiprvse.exe - (Microsoft Corporation)
    [WmiPrvSE] -SYSTEM- C:\windows\system32\wbem\wmiprvse.exe - (Microsoft Corporation)
    [WpcMon] -Mensur & Adna- C:\windows\system32\WpcMon.exe - (Microsoft Corporation)

    ==================== IE PAGES ==================================================

    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main
    Start Page = hxxp://www.msn.com/?pc=AV01
    Local Page = C:\Windows\SysWOW64\blank.htm
    Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01

    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes
    DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    DisplayName = @ieframe.dll,-12512
    URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}
    DisplayName = Microsoft (Bing)
    URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01

    ==================== IE PAGES x64 ==============================================

    HKLM\Software\Microsoft\Internet Explorer\Main
    Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
    Local Page = C:\Windows\System32\blank.htm
    Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
    Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896

    HKLM\Software\Microsoft\Internet Explorer\SearchScopes
    DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

    HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    DisplayName = @ieframe.dll,-12512
    URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

    ==================== Auto Load =================================================

    HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon
    Userinit = userinit.exe
    Shell = explorer.exe

    ==================== Auto Load x64 =============================================

    HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
    Userinit = C:\Windows\system32\userinit.exe,
    Shell = explorer.exe

    ==================== Firefox ===================================================

    FF - ProfilePath - C:\Users\E\AppData\Roaming\Mozilla\firefox\Profiles\1thnbs72.default
    FF - Ext: [Default 32.0.3 ] - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} visible: True active: True
    FF - Ext: [Adblock Plus 2.6.4 ] - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} visible: True active: True
    FF - Ext: [McAfee SiteAdvisor 3.6.6 ] - extension - {4ED1F68A-5463-4931-9384-8FFF5ED91D92} visible: True active: False

    FF - PlugIn: [Adobe® Flash® Player 15.0.0.189 Plugin] - C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll


    ==================== Windows Host File =========================================


    ==================== BHO =======================================================

    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
    {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
    HKCR\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} Default = avast! Online Security
    => HKCR\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\InProcServer32 Default = C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

    ==================== BHO x64 ===================================================

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
    {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
    HKCR\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} Default = avast! Online Security
    => HKCR\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\InProcServer32 Default = C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll

    ==================== Auto Start Programs =======================================

    HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
    AvastUI.exe = "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
    CLMLServer_For_P2G8 = "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
    CLVirtualDrive = "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
    PowerDVD12Agent = "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"

    HKCU\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
    CCleaner Monitoring = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

    HKCU\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce
    Report = \AdwCleaner\AdwCleaner[S0].txt

    ==================== Auto Start Programs x64 ===================================

    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
    IAStorIcon = "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
    NvBackend = "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
    RTHDVCPL = "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
    *WerKernelReporting = C:\windows\SYSTEM32\WerFault.exe -k -rq

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved [2 = enabled 3= disabled]
    IAStorIcon = 2
    NvBackend = 4
    RTHDVCPL = 4
    CLMLServer_For_P2G8 = 6
    CLVirtualDrive = 6
    mcpltui_exe = 2
    PowerDVD12Agent = 6

    HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    CCleaner Monitoring = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

    HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
    Report = \AdwCleaner\AdwCleaner[S0].txt

    ==================== Extra Items IE ============================================

    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\BROWSE @ Text = Browsing
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO @ Text = Security
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\HTTP @ Text = HTTP settings
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\INTERNATIONAL @ Text = International
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AdvancedOptions\MULTIMEDIA @ Text = Multimedia

    ==================== Extra Items IE x64 ========================================

    HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\ACCELERATED_GRAPHICS @ Text = Accelerated graphics
    HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\ACCESSIBILITY @ Text = Accessibility
    HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\BROWSE @ Text = Browsing
    HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\CRYPTO @ Text = Security
    HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\HTTP @ Text = HTTP settings
    HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\INTERNATIONAL @ Text = International
    HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\MULTIMEDIA @ Text = Multimedia

    ==================== Internet Default Prefix ===================================

    HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
    Default = http://

    HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes
    WWW = http://

    ==================== Internet Default Prefix x64 ===============================

    HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
    Default = http://

    HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes
    WWW = http://

    ==================== Protocol Hijackers ========================================

    HKLM\SOFTWARE\Wow6432Node\Classes\PROTOCOLS\Handler\wlpg
    CLSID = {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324}
    => SOFTWARE\Classes\\CLSID\{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324}\InProcServer32 @ Default = Unknown # C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll # MD5 [4cf29c44e072c377b6866c399947e99a]



    ==================== ShellServiceObjectDelayLoad ===============================

    HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
    WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
    => HKCR\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED} [CLSID not present]


    ==================== ShellServiceObjectDelayLoad x64 =========================

    HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
    WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
    => HKCR\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED} [CLSID not present]


    ==================== Extra (Torpig/ConduitSearch) ==============================

    HKCR\Directory\shellex\CopyHookHandlers\FileSystem @ Default = {217FC9C0-3AEA-1069-A2DB-08002B30309D}
    => HKCR\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InProcServer32 @ Default = C:\windows\system32\shell32.dll

    HKCR\Directory\shellex\CopyHookHandlers\Sharing @ Default = {40dd6e20-7c17-11ce-a804-00aa003ca9f6}
    => HKCR\CLSID\{40dd6e20-7c17-11ce-a804-00aa003ca9f6}\InProcServer32 @ Default = C:\windows\system32\ntshrui.dll


    ==================== DRIVERS and SERVICES ======================================

    *** Win32OwnProcess ***

    SERV - R2 - [IAStorDataMgrSvc] - Intel(R) Rapid Storage Technology - c:\program files\intel\intel(r) rapid storage technology\iastordatamgrsvc.exe
    SERV - R2 - [Intel(R) Capability Licensing Service Interface] - Intel(R) Capability Licensing Service Interface - c:\program files\intel\icls client\heciserver.exe
    SERV - R2 - [Intel(R) ME Service] - Intel(R) ME Service - c:\program files (x86)\intel\intel(r) management engine components\fwservice\intelmefwservice.exe
    SERV - R2 - [jhi_service] - Intel(R) Dynamic Application Loader Host Interface Service - c:\program files (x86)\intel\intel(r) management engine components\dal\jhi_service.exe
    SERV - R2 - [LMS] - Intel(R) Management and Security Application Local Management Service - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
    SERV - R2 - [MBAMScheduler] - MBAMScheduler - c:\program files (x86)\malwarebytes anti-malware\mbamscheduler.exe
    SERV - R2 - [nvsvc] - NVIDIA Display Driver Service - c:\windows\system32\nvvsvc.exe
    SERV - R2 - [RichVideo64] - Cyberlink RichVideo64 Service(CRVS) - c:\program files\cyberlink\shared files\richvideo64.exe
    SERV - R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
    SERV - R3 - [AvastVBoxSvc] - AvastVBox COM Service - c:\program files\avast software\avast\ng\vbox\avastvboxsvc.exe
    SERV - R3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
    SERV - R3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
    SERV - R3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe
    SERV - S2 - [MBAMService] - MBAMService - c:\program files (x86)\malwarebytes anti-malware\mbamservice.exe
    SERV - S2 - [McAfee SiteAdvisor Service] - McAfee SiteAdvisor Service - c:\progra~2\mcafee\sitead~1\mcsacore.exe [x]
    SERV - S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
    SERV - S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe
    SERV - S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe
    SERV - S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
    SERV - S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
    SERV - S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
    SERV - S3 - [Intel(R) Capability Licensing Service TCP IP Interface] - Intel(R) Capability Licensing Service TCP IP Interface - c:\program files\intel\icls client\socketheciserver.exe
    SERV - S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
    SERV - S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
    SERV - S3 - [odserv] - Microsoft Office Diagnostics Service - c:\program files (x86)\common files\microsoft shared\office12\odserv.exe
    SERV - S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe
    SERV - S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe
    SERV - S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe
    SERV - S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe
    SERV - S3 - [Steam Client Service] - Steam Client Service - c:\program files (x86)\common files\steam\steamservice.exe
    SERV - S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe
    SERV - S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe
    SERV - S3 - [WdNisSvc] - Windows Defender Network Inspection Service - c:\program files\windows defender\nissrv.exe
    SERV - S3 - [WinDefend] - Windows Defender Service - c:\program files\windows defender\msmpeng.exe
    SERV - S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
    SERV - S3 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe

    *** Win32ShareProcess ***

    SERV - R2 - [avast! Antivirus] - avast! Antivirus - c:\program files\avast software\avast\avastsvc.exe
    SERV - R2 - [avast! Firewall] - avast! Firewall - c:\program files\avast software\avast\afwserv.exe
    SERV - R2 - [SamSs] - Security Accounts Manager - c:\windows\system32\lsass.exe
    SERV - S3 - [EFS] - Encrypting File System (EFS) - c:\windows\system32\lsass.exe
    SERV - S3 - [KeyIso] - CNG Key Isolation - c:\windows\system32\lsass.exe
    SERV - S3 - [Netlogon] - Netlogon - c:\windows\system32\lsass.exe
    SERV - S3 - [VaultSvc] - Credential Manager - c:\windows\system32\lsass.exe
    SERV - S4 - [NetTcpPortSharing] - Net.Tcp Port Sharing Service - c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe

    *** Others ***

    SERV - R2 - [Spooler] - Print Spooler - c:\windows\system32\spoolsv.exe
    SERV - S3 - [UI0Detect] - Interactive Services Detection - c:\windows\system32\ui0detect.exe

    *** File System Driver ***

    DRV - R0 - [FileInfo] - File Information FS MiniFilter - C:\windows\system32\Drivers\FileInfo.sys
    DRV - R0 - [FltMgr] - FltMgr - C:\windows\system32\Drivers\FltMgr.sys
    DRV - R0 - [Mup] - Mup - C:\windows\system32\Drivers\Mup.sys
    DRV - R0 - [Wof] - Windows Overlay File System Filter Driver - C:\windows\system32\Drivers\Wof.sys
    DRV - R1 - [NetBIOS] - NetBIOS Interface - C:\windows\system32\Drivers\NetBIOS.sys
    DRV - R2 - [srv] - Server SMB 1.xxx Driver - C:\windows\system32\Drivers\srv.sys
    DRV - R3 - [srv2] - Server SMB 2.xxx Driver - C:\windows\system32\Drivers\srv2.sys

    *** Kernel Driver ***

    DRV - R0 - [ACPI] - Microsoft ACPI-stuurprogramma - C:\windows\system32\Drivers\ACPI.sys
    DRV - R0 - [acpiex] - Microsoft ACPIEx Driver - C:\windows\system32\Drivers\acpiex.sys
    DRV - R0 - [aswNdisFlt] - Avast! Firewall Driver - C:\windows\system32\Drivers\aswNdisFlt.sys
    DRV - R0 - [aswRvrt] - avast! Revert - C:\windows\system32\Drivers\aswRvrt.sys
    DRV - R0 - [aswVmm] - avast! VM Monitor - C:\windows\system32\Drivers\aswVmm.sys
    DRV - R0 - [CLFS] - Common Log (CLFS) - C:\windows\system32\Drivers\CLFS.sys
    DRV - R0 - [CNG] - CNG - C:\windows\system32\Drivers\CNG.sys
    DRV - R0 - [disk] - Stuurprogramma voor schijfstations - C:\windows\system32\Drivers\disk.sys
    DRV - R0 - [fvevol] - BitLocker Drive Encryption Filter Driver - C:\windows\system32\Drivers\fvevol.sys
    DRV - R0 - [iaStorA] - iaStorA - C:\windows\system32\Drivers\iaStorA.sys
    DRV - R0 - [intelpep] - Stuurprogramma voor Intel(R) Power Engine-invoegtoepassing - C:\windows\system32\Drivers\intelpep.sys
    DRV - R0 - [KSecDD] - KSecDD - C:\windows\system32\Drivers\KSecDD.sys
    DRV - R0 - [KSecPkg] - KSecPkg - C:\windows\system32\Drivers\KSecPkg.sys
    DRV - R0 - [mountmgr] - Mount Point Manager - C:\windows\system32\Drivers\mountmgr.sys
    DRV - R0 - [msisadrv] - msisadrv - C:\windows\system32\Drivers\msisadrv.sys
    DRV - R0 - [NDIS] - NDIS System Driver - C:\windows\system32\Drivers\NDIS.sys
    DRV - R0 - [partmgr] - Partition Manager - C:\windows\system32\Drivers\partmgr.sys
    DRV - R0 - [pci] - PCI Bus-stuurprogramma - C:\windows\system32\Drivers\pci.sys
    DRV - R0 - [pcw] - Performance Counters for Windows Driver - C:\windows\system32\Drivers\pcw.sys
    DRV - R0 - [pdc] - pdc - C:\windows\system32\Drivers\pdc.sys
    DRV - R0 - [rdyboost] - ReadyBoost - C:\windows\system32\Drivers\rdyboost.sys
    DRV - R0 - [spaceport] - Stuurprogramma voor opslagruimten - C:\windows\system32\Drivers\spaceport.sys
    DRV - R0 - [Tcpip] - Stuurprogramma voor TCP/IP-protocol - C:\windows\system32\Drivers\Tcpip.sys
    DRV - R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator - C:\windows\system32\Drivers\vdrvroot.sys
    DRV - R0 - [volmgr] - Stuurprogramma voor Volumebeheer - C:\windows\system32\Drivers\volmgr.sys
    DRV - R0 - [volmgrx] - Dynamic Volume Manager - C:\windows\system32\Drivers\volmgrx.sys
    DRV - R0 - [volsnap] - Opslagvolumes - C:\windows\system32\Drivers\volsnap.sys
    DRV - R0 - [Wdf01000] - Kernel Mode Driver Frameworks service - C:\windows\system32\Drivers\Wdf01000.sys
    DRV - R0 - [WFPLWFS] - Microsoft Windows Filtering Platform - C:\windows\system32\Drivers\WFPLWFS.sys
    DRV - R1 - [AFD] - Ancillary Function Driver for Winsock - C:\windows\system32\Drivers\AFD.sys
    DRV - R1 - [Beep] - Beep - C:\windows\system32\Drivers\Beep.sys
    DRV - R1 - [tdx] - Stuurprogramma voor ondersteuning van NetIO Legacy TDI - C:\windows\system32\Drivers\tdx.sys
    DRV - R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\windows\system32\Drivers\tcpipreg.sys
    DRV - S0 - [EhStorClass] - Enhanced Storage Filter Driver - C:\windows\system32\Drivers\EhStorClass.sys
    DRV - S0 - [hwpolicy] - Hardware Policy Driver - C:\windows\system32\Drivers\hwpolicy.sys
    DRV - S3 - [atapi] - IDE-kanaal - C:\windows\system32\Drivers\atapi.sys

    ==================== SvcHost - White Listed ====================================

    WOW x64 - All Ok

    ==================== SvcHost x64 - White Listed ================================

    All Ok

    ==================== SigCheck x86 Fast =========================================

    Fast Scan All ok

    ==================== SigCheck x64 Fast =========================================

    Fast Scan All ok

    ==================== Job tasks at C:\windows\Tasks =============================

    C:\windows\Tasks\SA.DAT 6 bytes [ 22-8-2013 16:45:54 ]


    ==================== Job tasks at C:\windows\system32\Tasks ====================

    C:\windows\system32\Tasks\avast! Emergency Update 4182 bytes [ 7-11-2014 20:59:11 ]
    => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe

    C:\windows\system32\Tasks\CCleanerSkipUAC 2764 bytes [ 3-10-2014 13:07:50 ]
    => "C:\Program Files\CCleaner\CCleaner.exe"

    C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1337954666-3365246503-3812227508-500 3596 bytes [ 14-5-2014 22:22:45 ]

    C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1411370016-1684140959-2541974615-500 3596 bytes [ 2-7-2014 16:12:34 ]

    C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1417907593-4224570124-2239603024-1001 3600 bytes [ 3-10-2014 13:00:30 ]

    C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1417907593-4224570124-2239603024-1003 3600 bytes [ 3-10-2014 21:32:04 ]

    C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1417907593-4224570124-2239603024-500 2324 bytes [ 11-9-2014 15:42:11 ]

    C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1699871604-3919882110-914227205-500 3594 bytes [ 13-5-2014 19:51:24 ]

    C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1746239437-736636652-4112185482-500 3594 bytes [ 28-4-2014 13:31:18 ]

    C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2459828839-2522776815-3392737513-500 3596 bytes [ 28-4-2014 15:39:51 ]

    C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2758317423-3897502023-3626412327-500 3596 bytes [ 30-4-2014 08:09:42 ]

    C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3180656211-639042760-2496406545-500 3594 bytes [ 24-4-2014 17:45:01 ]

    C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3704421973-2314356633-1384728311-500 3596 bytes [ 28-4-2014 11:14:40 ]

    C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-941730790-3843577710-2423437562-500 3594 bytes [ 2-7-2014 11:42:08 ]

    C:\windows\system32\Tasks\PDVDServ12 Task 3062 bytes [ 2-7-2014 13:57:40 ]
    => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe


    ==================== Job tasks at C:\windows\SysWOW64\Tasks ====================

    There are no .job files found.

    ==================== End scanning at za 13 dec 2014 19:27 (0 Min 10 Sec ) ======
    Nero

  • #2
    Schakel eerst de Antivirussoftware uit voordat je zoek.exe download of uitvoert.
    Schakel je antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk de werking van Zoek.exe nadelig beïnvloeden.
    (hier en hier) kan je lezen hoe je dat doet.

    Download Zoek.exe naar het bureaublad (klik hier voor meer informatie over hoe zoek.exe te gebruiken)
    • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kan je dat negeren, het is namelijk een onterechte waarschuwing.
    • Dubbelklik vervolgens op Zoek.exe om de tool te starten.
    • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
    • Kopieer nu onderstaande code en plak die in het grote invulvenster:
    • Note: Dit script is speciaal bedoeld voor deze Computer, gebruik dit dan ook niet op andere computers met een gelijkaardig probleem.
      Code:
      emptyclsid;
      shortcutfix;
      emptyfolderscheck;
      firefoxlook; 
      Chromelook; 
      CHRdefaults;
      autoclean; 
      iedefaults; 
      filesrcm;  
      startupall;
      resetieproxy;
    • Klik nu op de knop "Run script".
    • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
    • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
    • Post het geopende logje in het volgende bericht als bijlage.

    Windows 10 opstarten in Veilige Modus

    Comment


    • #3
      Beste Juisterr,

      Bedankt voor uw aanwijzingen. Ik heb de resultaten in de bijlage gedaan.
      Ik hoor graag van u of het zo goed is.
      Groet,
      Bijgevoegde Bestanden
      Nero

      Comment


      • #4
        Download AdwCleaner by Xplode naar het bureaublad.
        • Sluit alle openstaande vensters.
        • Dubbelklik op AdwCleaner om hem te starten.
        • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren,
        • Door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
        • Klik vervolgens op Scannen.
        • Klik vervolgens op Verwijderen als er items zijn gevonden.
        • Klik bij Herstarten Noodzakelijk op OK.


        Nadat de PC opnieuw is opgestart, opent meestal een logfile.
        Anders is het hier terug te vinden C:\AdwCleaner\AdwCleaner[S0].txt.

        Logbestand plaatsen
        • Voeg het logbestand met de naam C:\AdwCleaner\AdwCleaner[S0].txt als bijlage toe aan het volgende bericht.

        Windows 10 opstarten in Veilige Modus

        Comment


        • #5
          Wil het lukken ?

          Windows 10 opstarten in Veilige Modus

          Comment


          • #6
            Hierbij het logbestandje, sorry voor de late verzending ervan
            Bijgevoegde Bestanden
            Nero

            Comment


            • #7
              Prima,

              Download Delfix by Xplode naar het bureaublad.

              KLIK HIER voor een vergroting!
              (Klik bovenstaande afbeelding aan voor een vergroting!)

              Dubbelklik op Delfix.exe om de tool te starten.
              Zet nu vinkjes voor de volgende items:
              • Remove disinfection tools
              • Purge System Restore
              • Reset system settings

              Klik nu op "Run" en wacht geduldig tot de tool gereed is.
              Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.

              Windows 10 opstarten in Veilige Modus

              Comment


              • #8
                Is het nu dan opgelost?

                De tabbladen openen niet meer, maar als ik bij firefox via de google zoekbalk iets typ, dan krijg ik een error. Ik dacht dat dat ook door de malware kwam. Of is dat niet zo?

                Ik krijg dit te zien:
                Beveiligde verbinding mislukt
                Fout tijdens het verbinden met www.google.com. SSL ontving een record die de maximaal toegestane lengte overschreed. (Foutcode: ssl_error_rx_record_too_long)
                Nero

                Comment


                • #9
                  Ik vermoed dat dit wel door de malware komt en dat je FF nu corrupt of beschadigt is, beter is het om die te verwijderen en opnieuw te installeren.

                  Windows 10 opstarten in Veilige Modus

                  Comment


                  • #10
                    Gedaan,

                    Ik krijg als melding dat de beveiligingscertificaat van google niet goed is.
                    Ik heb op doorgaan geklikt en nu doet kan ik de google zoekbalk wel gebruiken. Ik denk dat het nu wel goed zit?
                    Nero

                    Comment


                    • #11
                      Test maar even uit ja.

                      Windows 10 opstarten in Veilige Modus

                      Comment

                      Sorry, you are not authorized to view this page
                      Working...
                      X